package com.panshi.controller.logic;
import com.panshi.api.SystemUserApi;
import com.panshi.po.SystemUserPo;
import com.panshi.vo.*;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;

/**
 * 登录业务层
 */

@Controller
@Slf4j
public class LogicController {

    @Resource
    SystemUserApi systemUserApi;

    /**
     * 跳转登录页面
     * @return
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public ModelAndView defaultLogin() {

        ModelAndView modelAndView=new ModelAndView("logic/login");

        return modelAndView;

    }

    /**
     * 账户登录
     * @param loginReqVO
     * @param request
     * @return
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public ResponseVO<?> logic(@RequestBody LoginReqVO loginReqVO, HttpServletRequest request, Model model){
        try {

            log.info("登录信息={}",loginReqVO);

            //取出图形验证码
            String verifyCode= (String) request.getSession().getAttribute("VerifyCode");

            if(!loginReqVO.getIdentify().equals(verifyCode)){

                return ResponseVO.fail("验证码不正确");

            }
            //shiro 从安全工具类，获取一个Subject,代表了当前 “用户”
            //所有 Subject 都绑定到 SecurityManager，与 Subject 的所有交互都会委托给 SecurityManager
            Subject subject = SecurityUtils.getSubject();

            //创建一个认证凭证，且这个认证凭证是用户名，密码转入到shiro执行登录认证
            UsernamePasswordToken authenticationToken=new UsernamePasswordToken(loginReqVO.getUsername(), loginReqVO.getPassword());

            //是否记住登录

            authenticationToken.setRememberMe(loginReqVO.isRememberMe());

            //执行登录
            subject.login(authenticationToken);

            //代码走到这里，说明登录成功了

            SystemUserPo systemUserPo=(SystemUserPo)subject.getPrincipal();
            log.info("登录成功,从shrio获取到已成功用户对象信息={}",systemUserPo);

            request.getSession().setAttribute("loginUser",systemUserPo);

        }catch (UnknownAccountException e) {//不存在账号抛出异常
            log.error(e.getMessage());;
            return ResponseVO.fail("用户不存在");
        }catch (DisabledAccountException e) {//账号被禁用
            log.error(e.getMessage());;
            return ResponseVO.fail("用户被禁用,请联系管理员");
        }catch (IncorrectCredentialsException e) {//异常说明，不正确的凭证，意思就是密码错误
            log.error(e.getMessage());;
            return ResponseVO.fail("密码错误");
        }catch (RuntimeException e) {//运行时，自定义抛出异常
            log.error("自定义错误异常",e);
            return ResponseVO.fail(e.getMessage());
        }

		return ResponseVO.success();

    }

    /**
     *  退出登录
     * @return
     */
    @RequestMapping(value = "/loginout", method = RequestMethod.POST)
    public String loginout() {

        Subject subject=SecurityUtils.getSubject();

        SystemUserPo systemUserPo=(SystemUserPo)subject.getPrincipal();

        subject.logout();

        log.info("退出登录={}",systemUserPo.getUsername());

        return "logic/login";

    }

}
